This area will depend largely on the industry and geography in which the network is operating, but at that level, there should be an identification of the compliance requirements and the regulations that participants are meant to adhere to.

A good example is the General Data Protection Regulation (GDPR), which has recently come into effect. GDPR is a regulation proposed by the European Commission to strengthen and reinforce data privacy rules. Under the new law, users can request to have their personal data permanently erased from any organization. Ignoring such regulations could result in a smart contract that persists personal information, creating a major problem for all participants of the network when a request for erasure is received.

In this area, the focus should be on the following:

• Identifying the relevant regulations
• Auditing smart contracts and participants (where applicable) to ensure compliance is met